[BUG] Unable to use getTrustedAgentAuthorizationToken with private client key

[tayyab-salman]

We are unable to use getTrustedAgentAuthorizationToken with the private client key.

const response = await shopperLogin.getTrustedAgentAuthorizationToken({ parameters: { 'channel_id': process.env.PUBLIC_COMMERCE_API_SITE_ID, 'grant_type': 'client_credentials', 'idp_origin': 'ecom', 'login_id': loginId, 'enc_user_id': encUserId }, headers: { 'Authorization': Bearer ${authCode}, '_sfdc_client_auth': base64data, 'Content-Type': 'application/x-www-form-urlencoded' } })

That's because the client_id is set to required. But we cannot pass both _sfdc_client_auth & client_id together.

As a work around - for now, we are going with the fetch API on our side. But it needs to be fixed in package and package should support getTrustedAgentAuthorizationToken for the case of private client key.

[joeluong-sfcc]

Hi @TayyabSalmanMRM1996 thanks for posting this issue, since the API has clientId marked as required, the commerce-sdk-isomorphic will reflect that. I'll follow up with the SLAS team about this issue and see if it makes sense to mark that parameter as optional.

Out of curiosity, what's the behavior of getTrustedAgentAuthorizationToken when you pass in an empty string, '', for clientId using private client?

[joeluong-sfcc]

Hi @TayyabSalmanMRM1996, I spoke to a person on the SLAS team and apparently the _sfdc_client_auth was designed only for internal use. Is there a specific reason why you're passing this header?